1. Field of the Invention
Exemplary embodiments relate to a digital security field, and more particularly, to an apparatus and a method for generating an identification key used for an encoding and decoding method, a digital signature, and the like that may be necessary for security of an electronic apparatus, embedded system security, system on chip (SoC) security, smart card security, universal subscriber identity module (USIM) security, and the like.
2. Description of the Related Art
As an information-oriented society has been advanced, the necessity for protection of individual privacy has increased. Thus, a technology for building a security system that may transmit information securely using encryption and decryption of the information is an essentially required and salient technology.
In the advanced information-oriented society, along with a high performance computer; the use of a computing device in a form of an embedded system or a system on chip (SoC) has rapidly increased. For example, the computing devices such as radio-frequency identification (RFID), a smart card, a universal subscriber identity module (USIM), a one-time password (OTP), and the like have been widely used.
In order to build a security system in the computing device, a cryptographic-key that is used for encryption and decryption algorithms, or a unique identification may be used. The cryptographic-key or the unique identification will be hereinafter referred to as an identification key. The identification key is mainly dependent on a method of externally generating a pseudo random number (PRN) that may be cryptographically secure, and storing the PRN in a non-volatile memory such as a flash memory, an electrically erasable programmable read-only memory (EEPROM), and the like.
With respect to an identification key stored in a computing device, various attacks such as a side channel attack, a reverse engineering attack, and the like have been recently carried out. In response to these attacks, Physical Unclonable Function (PUF) technology is being developed as a method of securely generating and storing an identification key.
The PUF is a technology for generating an identification key using subtle physical characteristic differences that exist in an electronic system, and maintaining or storing the identification key as generated, which is also referred to as a hardware fingerprint.
In order to use the PUF as an identification key, first, randomness of a generated identification key should be sufficient, and second, a value of the generated identification key should be invariant with respect to time flow or changes in the environment of use.
However, there exist problems with the conventional technologies, such as sufficient randomness being difficult to obtain, and a generated identification key being modified due to changes in physical characteristics according to time flow or due to changes in environment of use, that have yet to be resolved.